Test Managed Risk credentials

Find out how to test credentials that you created for Managed Risk authenticated vulnerability scanning.

Currently, this page only describes tests for credentials used in Windows environments.

Test Windows credentials

To test a Windows credential, you must do as follows:

Perform the tests from a system on the same subnet as your scanning appliance.

This ensures you're doing the test under the same network conditions the scanner will use.
Use exactly the same credential you created in Sophos Central.
Run all commands in a Command Prompt or PowerShell terminal with administrative privileges.

To test basic connectivity, run this command:

net use \\<Target_IP>\ipc$ /user:<username> <password>

You see the message "The command completed successfully" if your credential and network access are properly configured.

To test administrative access, run this command:

net use \\<Target_IP>\admin$ /user:<username> <password>

Success here confirms you have an administrator-level credential and share access, which is required for comprehensive scanning.

To test Remote Registry access, run this command:

reg query \\<Target_IP>\HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion /v ProgramFilesDir

This verifies that the Remote Registry service is running and accessible with your credential.

To test access to WMI (Windows Management Instrumentation), run this command:

wmic /node:"<Target_IP>" /user:"<username>" /password:"<password>" os get name

This verifies WMI connectivity, which is essential for many vulnerability checks.

When you've completed testing, disconnect from the shares by running these commands:

net use \\<Target_IP>\ipc$ /delete
net use \\<Target_IP>\admin$ /delete

This removes the connections and clears the credential from the session.